I am skeptical about everything that pops up on my computer screen but we’re all guilty of being gullible sometime. Even though I examined this emessage and wouldn’t click on the blue button, I still didn’t give the message enough thought.
However, I phoned listed at the bottom of the message, not giving it a second thought. Big mistake. I should have given it second thought, long thought. If the phone number is in the message it is the same as the blue button, tainted by the scammers.
Yup, I got connected to the scammers. They sounded authentic, saying things that seemed as appropriate for PayPal, pulling me deeper into their trap. But I was concentrating on the money drawn on my account rather than thinking about this message.
Then, a really foolish move, I let them have remote control of my computer. They looked around and when they asked me to connect to my financial institution, my brain finally engaged. The person asking me for remote control of my computer, trigger #1; the speaker’s accent, Indian or Pakistani…trigger #2; then they asked me to log into my financial institution which required accessing my password manager, trigger #3. The last straw, when I asked for the speaker’s phone number saying I would phone him back, there was much reluctance and excuse making. I insisted. He relented and gave me his badge#, name and phone number but by that time I was thoroughly convinced I had been taken in and HUNG UP THE PHONE.
Immediately the phone rang. I answered. It was the same voice. I hung up again. The phone rang again. I let it ring and go to message. I now realized I had been scammed and my computer likely had been compromised. I feared keystroke tracking software may have been installed on my computer, plus I had logged into my password manager. This meant that if they had keystroke logging, they had access to all my passwords.
I immediately undertook action to protect my computer and my passwords. It took me hours to rectify things but I am confident I am safe once again. Here are the things I did:
- Restored my computer to an earlier time long before this call;
- Got a new password manager and imported all my passwords for the old password manager;
- Removed the old password manager;
- Unsubscribed from the old password manager
- Began a systematic change of the crucial financial-related passwords;
- ran all my antimalware software;
- Contacted Bell Telephone to discuss how they can and should protect my IP address;
- I am still doing “rectification” things to safeguard my data.
Think twice, three times before you act on emails from sources asking or telling you about financial matters or asking about any of your computer information. The scammers use amazing tactics, awesomely inviting dialogue, very real looking phishing displays. Don’t open anything you have not initiated yourself, or anything you have doubts about. Be big time skeptical. I thought I was a knowledgeable and well-armed computer user. They pulled me in. Imagine what they can do to a person who is much less computer conversant. Don’t let them take you there.